package iaik.security.keystore;

import b.a;
import iaik.asn1.ASN1;
import iaik.asn1.ASN1Object;
import iaik.asn1.CON_SPEC;
import iaik.asn1.CodingException;
import iaik.asn1.DerCoder;
import iaik.asn1.DerInputStream;
import iaik.asn1.INTEGER;
import iaik.asn1.OCTET_STRING;
import iaik.asn1.ObjectID;
import iaik.asn1.SEQUENCE;
import iaik.asn1.UTF8String;
import iaik.asn1.structures.AlgorithmID;
import iaik.pkcs.pkcs8.EncryptedPrivateKeyInfo;
import iaik.pkcs.pkcs8.PrivateKeyInfo;
import iaik.security.cipher.SecretKey;
import iaik.security.random.SecRandom;
import iaik.security.spec.PBEKeyAndParameterSpec;
import iaik.utils.CryptoUtils;
import iaik.utils.InternalErrorException;
import iaik.x509.X509Certificate;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;
import org.apache.log4j.helpers.PatternParser;

/* loaded from: classes.dex */
public final class IAIKKeyStore extends KeyStoreSpi {

    /* renamed from: a, reason: collision with root package name */
    private int f983a = 32;

    /* renamed from: b, reason: collision with root package name */
    private int f984b = PatternParser.FULL_LOCATION_CONVERTER;

    /* renamed from: c, reason: collision with root package name */
    private int f985c = 16;
    private SecureRandom d = SecRandom.getDefault();
    private Hashtable e = new Hashtable();

    private int a(SEQUENCE sequence) {
        int countComponents;
        if (sequence != null && (countComponents = sequence.countComponents()) <= 3 && countComponents >= 1) {
            try {
                sequence.getComponentAt(0);
                if (countComponents == 1) {
                    return 11;
                }
                int tag = ((CON_SPEC) sequence.getComponentAt(1)).getAsnType().getTag();
                if (tag == 0) {
                    return 12;
                }
                if (tag == 1) {
                    return 13;
                }
                if (tag != 2) {
                    return tag != 3 ? 10 : 15;
                }
                return 14;
            } catch (Exception unused) {
            }
        }
        return 10;
    }

    private ASN1Object a(byte[] bArr) {
        return new AlgorithmID(new ObjectID("1.2.840.113549.1.5.9", null, null, false), new OCTET_STRING(bArr)).toASN1Object();
    }

    private SecretKey a(char[] cArr, byte[] bArr) {
        KeyGenerator keyGenerator;
        PBEKeyAndParameterSpec pBEKeyAndParameterSpec;
        byte[] a2 = a(cArr);
        PBEKeyAndParameterSpec pBEKeyAndParameterSpec2 = null;
        try {
            try {
                keyGenerator = KeyGenerator.getInstance("PBKDF2", "IAIK");
                pBEKeyAndParameterSpec = new PBEKeyAndParameterSpec(a2, bArr, this.f984b, this.f983a);
            } catch (Throwable th) {
                th = th;
            }
        } catch (Exception e) {
            e = e;
        }
        try {
            keyGenerator.init(pBEKeyAndParameterSpec, (SecureRandom) null);
            SecretKey secretKey = (SecretKey) keyGenerator.generateKey();
            byte[] password = pBEKeyAndParameterSpec.getPassword();
            for (int i = 0; i < password.length; i++) {
                password[i] = 0;
            }
            return secretKey;
        } catch (Exception e2) {
            e = e2;
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("Could not generate key: ");
            stringBuffer.append(e.toString());
            throw new InternalErrorException(stringBuffer.toString());
        } catch (Throwable th2) {
            th = th2;
            pBEKeyAndParameterSpec2 = pBEKeyAndParameterSpec;
            if (pBEKeyAndParameterSpec2 != null) {
                byte[] password2 = pBEKeyAndParameterSpec2.getPassword();
                for (int i2 = 0; i2 < password2.length; i2++) {
                    password2[i2] = 0;
                }
            }
            throw th;
        }
    }

    private Date a(INTEGER integer) {
        return new Date(((BigInteger) integer.getValue()).longValue());
    }

    private byte[] a() {
        byte[] bArr = new byte[this.f985c];
        this.d.nextBytes(bArr);
        return bArr;
    }

    private byte[] a(int i, Key key, byte[] bArr) {
        try {
            IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr, 24, 8);
            SecretKey secretKey = new SecretKey(bArr, 0, 24, "DESede");
            Cipher cipher = Cipher.getInstance("DESede/CBC/PKCS5Padding", "IAIK");
            cipher.init(i == 0 ? 1 : 2, secretKey, ivParameterSpec, (SecureRandom) null);
            return cipher.doFinal(key.getEncoded());
        } catch (Exception e) {
            throw new KeyStoreException(a.p(e, a.j("Crypt failed: ")));
        }
    }

    private static byte[] a(String str) {
        try {
            return UTF8String.getUTF8EncodingFromString(str);
        } catch (Exception unused) {
            throw new RuntimeException("Error in UTF8 decoding");
        }
    }

    private static byte[] a(char[] cArr) {
        try {
            return UTF8String.getUTF8EncodingFromCharArray(cArr);
        } catch (Exception unused) {
            throw new RuntimeException("Error in UTF8 decoding");
        }
    }

    private INTEGER b() {
        return new INTEGER(BigInteger.valueOf(new Date().getTime()));
    }

    private static String b(byte[] bArr) {
        try {
            return UTF8String.getStringFromUTF8Encoding(bArr);
        } catch (Exception unused) {
            throw new RuntimeException("Error in UTF8 decoding");
        }
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration engineAliases() {
        return this.e.keys();
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        if (str == null) {
            return false;
        }
        return this.e.containsKey(str);
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) {
        if (str != null) {
            this.e.remove(str);
        }
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        SEQUENCE sequence;
        int i;
        if (str == null || (sequence = (SEQUENCE) this.e.get(str)) == null) {
            return null;
        }
        int countComponents = sequence.countComponents();
        if (a(sequence) == 15) {
            i = 1;
        } else {
            if (countComponents != 3) {
                return null;
            }
            i = 2;
        }
        ASN1Object componentAt = ((SEQUENCE) ((CON_SPEC) sequence.getComponentAt(i)).getComponentAt(0)).getComponentAt(0);
        X509Certificate x509Certificate = new X509Certificate();
        try {
            x509Certificate.decode(componentAt);
            return x509Certificate;
        } catch (CodingException e) {
            throw new InternalErrorException(e.getMessage());
        }
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        if (certificate == null) {
            return null;
        }
        try {
            byte[] encoded = certificate.getEncoded();
            Enumeration engineAliases = engineAliases();
            while (engineAliases.hasMoreElements()) {
                String str = (String) engineAliases.nextElement();
                Certificate engineGetCertificate = engineGetCertificate(str);
                if (engineGetCertificate != null && CryptoUtils.equalsBlock(encoded, engineGetCertificate.getEncoded())) {
                    return str;
                }
            }
        } catch (CertificateEncodingException unused) {
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        SEQUENCE sequence;
        if (str == null || (sequence = (SEQUENCE) this.e.get(str)) == null || sequence.countComponents() != 3) {
            return null;
        }
        int a2 = a(sequence);
        if (a2 != 13 && a2 != 14) {
            return null;
        }
        SEQUENCE sequence2 = (SEQUENCE) ((CON_SPEC) sequence.getComponentAt(2)).getComponentAt(0);
        int countComponents = sequence2.countComponents();
        X509Certificate[] x509CertificateArr = new X509Certificate[countComponents];
        for (int i = 0; i < countComponents; i++) {
            try {
                ASN1Object componentAt = sequence2.getComponentAt(i);
                X509Certificate x509Certificate = new X509Certificate();
                x509Certificate.decode(componentAt);
                x509CertificateArr[i] = x509Certificate;
            } catch (CodingException unused) {
                return null;
            }
        }
        return x509CertificateArr;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        SEQUENCE sequence;
        if (str == null || (sequence = (SEQUENCE) this.e.get(str)) == null || a(sequence) == 10) {
            return null;
        }
        return a((INTEGER) sequence.getComponentAt(0));
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) {
        if (str == null) {
            throw new UnrecoverableKeyException("Alias has to be specified.");
        }
        SEQUENCE sequence = (SEQUENCE) this.e.get(str);
        if (sequence == null) {
            return null;
        }
        int a2 = a(sequence);
        if (a2 == 10) {
            throw new UnrecoverableKeyException("Invalid keystore record.");
        }
        if (a2 == 15) {
            throw new UnrecoverableKeyException("This alias specifies a certificate entry.");
        }
        if (a2 == 11) {
            throw new UnrecoverableKeyException("This alias specifies a date entry.");
        }
        CON_SPEC con_spec = (CON_SPEC) sequence.getComponentAt(1);
        int tag = con_spec.getAsnType().getTag();
        if (tag == 2) {
            ASN1Object componentAt = con_spec.getComponentAt(0);
            if (cArr != null) {
                try {
                    if (cArr.length != 0) {
                        return new EncryptedPrivateKeyInfo(componentAt).decrypt(cArr);
                    }
                } catch (Exception e) {
                    throw new UnrecoverableKeyException(a.p(e, a.j("Wrong password: ")));
                }
            }
            return new EncryptedPrivateKeyInfo(componentAt);
        }
        if (cArr == null || cArr.length == 0) {
            throw new UnrecoverableKeyException("Password has to be specified!");
        }
        SEQUENCE sequence2 = (SEQUENCE) con_spec.getComponentAt(0);
        SEQUENCE sequence3 = (SEQUENCE) sequence2.getComponentAt(0);
        try {
            ObjectID objectID = (ObjectID) sequence3.getComponentAt(0);
            if (!objectID.getID().equals("1.2.840.113549.1.5.9")) {
                StringBuffer stringBuffer = new StringBuffer();
                stringBuffer.append("Unknown OID: ");
                stringBuffer.append(objectID);
                throw new UnrecoverableKeyException(stringBuffer.toString());
            }
            byte[] wholeValue = ((OCTET_STRING) sequence3.getComponentAt(1)).getWholeValue();
            if (wholeValue.length != this.f985c) {
                throw new UnrecoverableKeyException("Invalid salt");
            }
            SecretKey a3 = a(cArr, wholeValue);
            try {
                try {
                    byte[] a4 = a(1, new SecretKey(((OCTET_STRING) sequence2.getComponentAt(1)).getWholeValue(), "RAW"), a3.getEncoded());
                    if (tag == 0) {
                        return new SecretKey(a4, "RAW");
                    }
                    try {
                        return PrivateKeyInfo.getPrivateKey(a4);
                    } catch (Exception e2) {
                        throw new UnrecoverableKeyException(e2.getMessage());
                    }
                } catch (KeyStoreException e3) {
                    throw new UnrecoverableKeyException(e3.getMessage());
                }
            } catch (IOException e4) {
                StringBuffer j = a.j("Cannot parse key: ");
                j.append(e4.toString());
                throw new UnrecoverableKeyException(j.toString());
            }
        } catch (Exception e5) {
            throw new UnrecoverableKeyException(a.p(e5, a.j("Cannot parse key: ")));
        }
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return str != null && a((SEQUENCE) this.e.get(str)) == 15;
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        if (str == null) {
            return false;
        }
        switch (a((SEQUENCE) this.e.get(str))) {
            case DerInputStream.UTF8String /* 12 */:
            case 13:
            case 14:
                return true;
            default:
                return false;
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) {
        this.e.clear();
        if (inputStream == null) {
            return;
        }
        try {
            ASN1 asn1 = new ASN1(inputStream);
            SEQUENCE sequence = (SEQUENCE) asn1.getComponentAt(0);
            if (cArr == null) {
                throw new IOException("Password must be specified.");
            }
            SEQUENCE sequence2 = (SEQUENCE) asn1.getComponentAt(1);
            OCTET_STRING octet_string = (OCTET_STRING) sequence2.getComponentAt(1);
            OCTET_STRING octet_string2 = (OCTET_STRING) asn1.getComponentAt(2);
            SecretKey a2 = a(cArr, (byte[]) octet_string.getValue());
            try {
                Mac mac = Mac.getInstance("HMAC/SHA", "IAIK");
                mac.init(a2);
                mac.update(asn1.getFirstObject());
                if (!CryptoUtils.secureEqualsBlock((byte[]) octet_string2.getValue(), mac.doFinal(DerCoder.encode(sequence2)))) {
                    throw new IOException(this, "Integrity verification failed! HMAC not valid. ") { // from class: iaik.security.keystore.IAIKKeyStore.1
                        private static final long serialVersionUID = 1811236715520167575L;

                        /* renamed from: a, reason: collision with root package name */
                        private final IAIKKeyStore f986a;

                        {
                            this.f986a = this;
                        }

                        @Override // java.lang.Throwable
                        public Throwable getCause() {
                            return new UnrecoverableKeyException("Integrity verification failed! HMAC not valid. Wrong password!");
                        }
                    };
                }
                for (int i = 0; i < sequence.countComponents(); i++) {
                    SEQUENCE sequence3 = (SEQUENCE) sequence.getComponentAt(i);
                    OCTET_STRING octet_string3 = (OCTET_STRING) sequence3.getComponentAt(0);
                    this.e.put(b((byte[]) octet_string3.getValue()), (SEQUENCE) sequence3.getComponentAt(1));
                }
            } catch (Exception e) {
                StringBuffer stringBuffer = new StringBuffer();
                stringBuffer.append("Could not initialize HMAC: ");
                stringBuffer.append(e.toString());
                throw new NoSuchAlgorithmException(stringBuffer.toString());
            }
        } catch (CodingException e2) {
            throw new IOException(a.o(e2, a.j("CodingException: ")));
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) {
        if (str == null) {
            throw new KeyStoreException("Alias has to be specified.");
        }
        if (certificate == null) {
            throw new KeyStoreException("Certificate has to be specified.");
        }
        if (engineIsKeyEntry(str)) {
            throw new KeyStoreException("This alias is already used by a key.");
        }
        SEQUENCE sequence = new SEQUENCE();
        sequence.addComponent(b());
        SEQUENCE sequence2 = new SEQUENCE();
        try {
            sequence2.addComponent(DerCoder.decode(certificate.getEncoded()));
            sequence.addComponent(new CON_SPEC(3, sequence2, false));
            this.e.put(str, sequence);
        } catch (Exception e) {
            throw new InternalErrorException(a.p(e, a.j("Could not encoding certificate: ")));
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:16:0x0087 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    @Override // java.security.KeyStoreSpi
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void engineSetKeyEntry(java.lang.String r7, java.security.Key r8, char[] r9, java.security.cert.Certificate[] r10) {
        /*
            r6 = this;
            if (r7 == 0) goto Lcf
            if (r8 == 0) goto Lc7
            boolean r0 = r8 instanceof iaik.pkcs.pkcs8.EncryptedPrivateKeyInfo
            r1 = 13
            r2 = 12
            r3 = 14
            if (r0 == 0) goto L11
            r0 = 14
            goto L23
        L11:
            if (r9 == 0) goto Lbf
            boolean r0 = r8 instanceof javax.crypto.SecretKey
            if (r0 == 0) goto L1a
            r0 = 12
            goto L23
        L1a:
            byte[] r0 = r8.getEncoded()     // Catch: java.security.InvalidKeyException -> Lb7
            iaik.pkcs.pkcs8.PrivateKeyInfo.getPrivateKey(r0)     // Catch: java.security.InvalidKeyException -> Lb7
            r0 = 13
        L23:
            iaik.asn1.SEQUENCE r4 = new iaik.asn1.SEQUENCE
            r4.<init>()
            iaik.asn1.INTEGER r5 = r6.b()
            r4.addComponent(r5)
            r5 = 0
            if (r0 != r3) goto L3f
            iaik.asn1.CON_SPEC r9 = new iaik.asn1.CON_SPEC
            r0 = 2
            iaik.pkcs.pkcs8.EncryptedPrivateKeyInfo r8 = (iaik.pkcs.pkcs8.EncryptedPrivateKeyInfo) r8
            iaik.asn1.ASN1Object r8 = r8.toASN1Object()
            r9.<init>(r0, r8, r5)
            goto L75
        L3f:
            byte[] r3 = r6.a()
            iaik.security.cipher.SecretKey r9 = r6.a(r9, r3)
            byte[] r9 = r9.getEncoded()
            byte[] r8 = r6.a(r5, r8, r9)
            iaik.asn1.ASN1Object r9 = r6.a(r3)
            iaik.asn1.OCTET_STRING r3 = new iaik.asn1.OCTET_STRING
            r3.<init>(r8)
            iaik.asn1.SEQUENCE r8 = new iaik.asn1.SEQUENCE
            r8.<init>()
            r8.addComponent(r9)
            r8.addComponent(r3)
            if (r0 != r2) goto L6d
            iaik.asn1.CON_SPEC r9 = new iaik.asn1.CON_SPEC
            r9.<init>(r5, r8, r5)
            r4.addComponent(r9)
        L6d:
            if (r0 != r1) goto L78
            iaik.asn1.CON_SPEC r9 = new iaik.asn1.CON_SPEC
            r0 = 1
            r9.<init>(r0, r8, r5)
        L75:
            r4.addComponent(r9)
        L78:
            if (r10 == 0) goto Lb1
            r8 = r10[r5]
            if (r8 == 0) goto Lb1
            iaik.asn1.SEQUENCE r8 = new iaik.asn1.SEQUENCE
            r8.<init>()
            r9 = 0
        L84:
            int r0 = r10.length
            if (r9 >= r0) goto La8
            r0 = r10[r9]     // Catch: java.lang.Exception -> L97
            byte[] r0 = r0.getEncoded()     // Catch: java.lang.Exception -> L97
            iaik.asn1.ASN1Object r0 = iaik.asn1.DerCoder.decode(r0)     // Catch: java.lang.Exception -> L97
            r8.addComponent(r0)     // Catch: java.lang.Exception -> L97
            int r9 = r9 + 1
            goto L84
        L97:
            r7 = move-exception
            iaik.utils.InternalErrorException r8 = new iaik.utils.InternalErrorException
            java.lang.String r9 = "Could not encode certificate: "
            java.lang.StringBuffer r9 = b.a.j(r9)
            java.lang.String r7 = b.a.p(r7, r9)
            r8.<init>(r7)
            throw r8
        La8:
            iaik.asn1.CON_SPEC r9 = new iaik.asn1.CON_SPEC
            r10 = 3
            r9.<init>(r10, r8, r5)
            r4.addComponent(r9)
        Lb1:
            java.util.Hashtable r8 = r6.e
            r8.put(r7, r4)
            return
        Lb7:
            java.security.KeyStoreException r7 = new java.security.KeyStoreException
            java.lang.String r8 = "Unknown private key type."
            r7.<init>(r8)
            throw r7
        Lbf:
            java.security.KeyStoreException r7 = new java.security.KeyStoreException
            java.lang.String r8 = "Password has to be specified."
            r7.<init>(r8)
            throw r7
        Lc7:
            java.security.KeyStoreException r7 = new java.security.KeyStoreException
            java.lang.String r8 = "Key has to be specified."
            r7.<init>(r8)
            throw r7
        Lcf:
            java.security.KeyStoreException r7 = new java.security.KeyStoreException
            java.lang.String r8 = "Alias has to be specified."
            r7.<init>(r8)
            goto Ld8
        Ld7:
            throw r7
        Ld8:
            goto Ld7
        */
        throw new UnsupportedOperationException("Method not decompiled: iaik.security.keystore.IAIKKeyStore.engineSetKeyEntry(java.lang.String, java.security.Key, char[], java.security.cert.Certificate[]):void");
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) {
        if (str == null) {
            throw new KeyStoreException("Alias has to be specified. ");
        }
        if (bArr == null || bArr.length == 0) {
            throw new KeyStoreException("Key has to be specified. ");
        }
        SEQUENCE sequence = new SEQUENCE();
        sequence.addComponent(b());
        try {
            sequence.addComponent(new CON_SPEC(2, new EncryptedPrivateKeyInfo(bArr).toASN1Object(), false));
            SEQUENCE sequence2 = new SEQUENCE();
            if (certificateArr != null && certificateArr[0] != null) {
                for (Certificate certificate : certificateArr) {
                    try {
                        sequence2.addComponent(DerCoder.decode(certificate.getEncoded()));
                    } catch (Exception e) {
                        throw new InternalErrorException(a.p(e, a.j("Could not decode certificate: ")));
                    }
                }
                sequence.addComponent(new CON_SPEC(3, sequence2, false));
            }
            this.e.put(str, sequence);
        } catch (InvalidKeyException unused) {
            throw new KeyStoreException("Key is not a PKCS#8-EncryptedPrivateKeyInfo. ");
        }
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return this.e.size();
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) {
        if (cArr == null || cArr.length == 0) {
            throw new IOException("Password must be specified.");
        }
        byte[] a2 = a();
        SecretKey a3 = a(cArr, a2);
        try {
            Mac mac = Mac.getInstance("HMAC/SHA", "IAIK");
            mac.init(a3);
            SEQUENCE sequence = new SEQUENCE();
            Enumeration keys = this.e.keys();
            while (keys.hasMoreElements()) {
                String str = (String) keys.nextElement();
                OCTET_STRING octet_string = new OCTET_STRING(a(str));
                SEQUENCE sequence2 = new SEQUENCE();
                sequence2.addComponent(octet_string);
                sequence2.addComponent((ASN1Object) this.e.get(str));
                sequence.addComponent(sequence2);
            }
            mac.update(DerCoder.encode(sequence));
            ASN1Object a4 = a(a2);
            byte[] doFinal = mac.doFinal(DerCoder.encode(a4));
            SEQUENCE sequence3 = new SEQUENCE();
            sequence3.addComponent(sequence);
            sequence3.addComponent(a4);
            sequence3.addComponent(new OCTET_STRING(doFinal));
            outputStream.write(DerCoder.encode(sequence3));
        } catch (Exception unused) {
            throw new NoSuchAlgorithmException("Could not initialize HMAC. ");
        }
    }
}
